Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

c9857074ef...e5.exe

windows7-x64

5

c9857074ef...e5.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c9857074eff8cadca2b6d83179dee505831b02ca629b78dc824f8bd86b0f88e5

  • Size

    365KB

  • Sample

    231012-ebt4asdc3v

  • MD5

    6a4be4984268b8a62d6c96fc5cf05069

  • SHA1

    d3ee4ba3257107b81c2f2016020acf2008be2c34

  • SHA256

    c9857074eff8cadca2b6d83179dee505831b02ca629b78dc824f8bd86b0f88e5

  • SHA512

    2f692913d946b7f2dce0d0cda556b1832ffdda018b74fdd440e1c74df67f67080ad88904a0226f6cbd7c3c4cccf068ca89767120e14271e04c51f17feffff7ac

  • SSDEEP

    6144:sD5frpxdonyq4zaG2u5AONeKfdTTmBiT1K+3FLrgquqp:sdrp0/9u5TeAHmsvgquqp

Score
10/10
mysticstealer

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    • Target

      c9857074eff8cadca2b6d83179dee505831b02ca629b78dc824f8bd86b0f88e5

    • Size

      365KB

    • MD5

      6a4be4984268b8a62d6c96fc5cf05069

    • SHA1

      d3ee4ba3257107b81c2f2016020acf2008be2c34

    • SHA256

      c9857074eff8cadca2b6d83179dee505831b02ca629b78dc824f8bd86b0f88e5

    • SHA512

      2f692913d946b7f2dce0d0cda556b1832ffdda018b74fdd440e1c74df67f67080ad88904a0226f6cbd7c3c4cccf068ca89767120e14271e04c51f17feffff7ac

    • SSDEEP

      6144:sD5frpxdonyq4zaG2u5AONeKfdTTmBiT1K+3FLrgquqp:sdrp0/9u5TeAHmsvgquqp

    Score
    10/10
    mysticstealer

    • Mystic

      Mystic is an infostealer written in C++.

      stealermystic

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks